David Abrahams wrote:
"Giovanni P. Deretta" <lordshoo@gmail.com> writes:
- It is extremely insecure. In a network library security must be paramount. If the transport type were encoded in the address, it would be much harder to validate externally received addresses. A similar argument can be made for the port numbers. It is better to keep these things separated. The library user can create its own indexed factory collection if it really needs to.
That's a very convincing argument.
No, it isn't. If you analyze the security of the two cases carefully you'll see that there isn't much of a difference, except that the "transport-encoded" type gives you one bit of extra information, the transport, which you can check against your expectations.